How to find and verify a trust path?

Philip Jägenstedt philip at foolip.org
Sun Sep 15 21:11:04 CEST 2013


On Sun, Sep 15, 2013 at 12:34 PM, Peter Lebbing <peter at digitalbrains.com> wrote:

> Be careful to separate the issues of trust and validity.

Right, I used the wrong terminology in my question. What I'm looking
for is an automatic way to find a (valid) signature path from me to
another key.

In very concrete terms, how can I determine which keys I need to
import so that the GnuPG dist sig (4F25E3B6) has full validity? Right
now I'm pretty sure that it won't matter which keys I import because
it's too many steps away, but that won't be the case for every key. My
current best approach is to use http://pgp.cs.uu.nl/ in order to find
the shortest paths and then manually import the keys to verify that it
is in fact true...

-- 
Philip Jägenstedt



More information about the Gnupg-users mailing list